Head of IT Sec AS Attack Surface Mgmt

Sista ansökningsdag: 25 juli

Arbetsort: Bangalore, Gurgaon, Noida, Stockholm

Publicerat: För 5 timmar sedan

Kategorier: Chef & Ledning Data & IT Säkerhet & Skydd Teknik & Ingenjör

About our opportunity

We are part of the global CIO function tasked to deliver world-class built-in security in Ericsson. Our 100+ employees’ organization is global with the main hubs located in Sweden (HQ), India, USA, and the Philippines. We are inviting the application for Head of IT Sec AS Attack Surface Management.

In this role, you will have the chance to be part of a passionate global team dedicated to fulfilling Ericsson’s emerging journey building a strong, resilient, purposed and sustainable IT Security capability. Mandated to protect our company assets from emerging threats and risks, you will together with your colleagues lead the way to develop the future IT Security concepts and technology roadmaps in Ericsson

You will

• Define and execute the enterprise-wide strategy for attack surface management aligned with the broader cybersecurity roadmap.
• Build and lead a high-performing ASM team covering asset discovery, vulnerability management, cloud security, penetration testing, and red teaming.
• Partner with business, IT, DevOps, and architecture teams to embed ASM principles in solution design and lifecycle.
• Oversee continuous asset discovery and inventory (including shadow IT, rogue systems, and exposed services).
• Manage vulnerability identification, classification, prioritization, and remediation across infrastructure, applications, and cloud environments.
• Lead API and third-party attack surface monitoring and ensure proactive risk reduction.
• Drive adoption of ASM platforms, exposure management tools, and threat intelligence integrations.
• Define KPIs, KRIs, and reporting for ASM effectiveness and risk posture across business units.
• Ensure alignment with security frameworks (e.g., NIST CSF, ISO 27001, MITRE ATT&CK) and regulatory compliance.
• Lead red/purple team exercises to validate security posture and feed improvements into the ASM program.
• Drive coordination with vulnerability management, SOC, architecture, DevSecOps, and compliance teams.
• Continuously evaluate ASM capabilities through tabletop exercises and exposure simulations.

The Skills You Bring:

• Bachelor’s or master’s degree in computer science, Information Security, or related field.
• 10+ years in cybersecurity with at least 4 years in a leadership role managing attack surface or vulnerability management programs.
• Relevant certifications such as Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), or equivalent.
• Proven experience in managing hybrid IT environments including cloud (AWS, Azure, GCP), SaaS, and on-premises assets.
• Expertise in tools such as ASM platforms (e.g., CyCognito, Randori, Microsoft Defender ASM), VM platforms (Tenable, Crowdstrike, Qualys, Rapid7), and API security tools.
• Deep understanding of cloud security controls, CI/CD pipelines, external threat modeling, and exposure management.
• Familiarity with MITRE ATT&CK, NIST 800-53/CSF, OWASP Top 10, CIS Benchmarks.
• Strong leadership, stakeholder management, and team development skills.
• Ability to communicate technical risks and attack surface exposures in business language to executives and board members.
• Excellent leadership and people management skills, with the ability to inspire and guide a team of security professionals.

Why join Ericsson?

At Ericsson, you´ll have an outstanding opportunity. The chance to use your skills and imagination to push the boundaries of what´s possible. To build solutions never seen before to some of the world’s toughest problems. You´ll be challenged, but you won’t be alone. You´ll be joining a team of diverse innovators, all driven to go beyond the status quo to craft what comes next.

What happens once you apply?

Click Here to find all you need to know about what our typical hiring process looks like.

Encouraging a diverse and inclusive organization is core to our values at Ericsson, that's why we champion it in everything we do. We truly believe that by collaborating with people with different experiences we drive innovation, which is essential for our future growth. We encourage people from all backgrounds to apply and realize their full potential as part of our Ericsson team. Ericsson is proud to be an Equal Opportunity Employer. learn more.

Primary country and city: India (IN) || Gurgaon

Req ID: 768823